Deprecated Chrome policies
The EnableCommonNameFallbackForLocalAnchors policy has been deprecated. It's not available on Chrome version 66 or later (applies to Chrome Browser and Chrome OS). Even if you've left the policy enabled from an earlier releases, the Chrome client no longer implements the policy and it will be removed from future administrative templates.
Only server certificates that have a subjectAlternativeName extension that contains a DNS name or IP address are trusted (allowed). If an end user running Chrome 66 or later tries to access a site where the certificate isn’t allowed, they’ll see a warning that the certificate isn’t valid and can’t be trusted.